﻿using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Collections;
/// <summary>
/// User类是一个记录用户相关信息的类
/// </summary>
public class Users
{
    private string _userName;
    private string _userPwd;
    private string _trueName;
    private int _depID;
    private int _roleID;
    private string _phone;
    private string _email;
    public Users()
    { }
    public Users(string userName, string userPwd, string trueName, int depID, int roleID, string phone, string email)
    {
        _userName = userName;
        _userPwd = userPwd;
        _trueName = trueName;
        _depID = depID;
        _roleID = roleID;
        _phone = phone;
        _email = email;

    }
    public string UserName
    {
        set { _userName = value; }
        get { return _userName; }
    }
    public string UserPwd
    {
        set { _userPwd = value; }
        get { return _userPwd; }
    }
    public string TrueName
    {
        set { _trueName = value; }
        get { return _trueName; }
    }

    public int DepID
    {
        set { _depID = value; }
        get { return _depID; }
    }
    public int RoleID
    {
        set { _roleID = value; }
        get { return _roleID; }
    }
    public string Phone
    {
        set { _phone = value; }
        get { return _phone; }
    }
    public string Email
    {
        set { _email = value; }
        get { return _email; }
    }


    /// <summary>
    /// 查找一个用户
    /// </summary>
    /// <param name="userName">用户名</param>
    /// <returns>如果用户存在，返回一个记录该用户信息的datarow，否则返回NULL</returns>
    public static DataRow searchUser(string userName)
    {


        DBOperation db = new DBOperation();
        string strSql = "select * from USERS where USERNAME='" + userName + "'";
        DataRow dr = db.GetDateRow(strSql);
        if (dr != null)
        {
            return dr;

        }
        else
        {
            return null;
        }


    }
    /// <summary>
    /// 添加一个用户
    /// </summary>

    /// <returns>添加成功返回真，否则假</returns>
    public bool AddUser()
    {
        bool seccess = false;
        string sqlStr = "insert into USERS(USERNAME,PASSWD,TRUENAME,DEPID,ROLEID,PHONE,EMAIL) values("
                         + "'" + this.UserName + "',"
                         + "'" + Encrypt.toMD5(this.UserPwd) + "',"
                         + "'" + this.TrueName + "',"
                         + "'" + this.DepID + "',"
                         + "'" + this.RoleID + "',"
                         + "'" + this.Phone + "',"
                         + "'" + this.Email + "')";
        DBOperation db = new DBOperation();

        if (db.ExcuteSql(sqlStr))
        {
            seccess = true;
        }
        return seccess;
    }
    /// <summary>
    /// 删除一个用户,并删除与该用户相关的存储在其他表的数据
    /// </summary>
    /// <param name="userName">用户名</param>
    /// <param name="isSaveMsg">是否保留用户发送的信息，1表示保留，0表示不保留</param>
    /// <returns>删除成功返回真，否则假</returns>
        public static bool DeleteUser(string userName, int isSaveMsg)
        {
            string strTableName ="MESSAGE"+ Convert.ToString(DateTime.Now.Year);//获取当年的表名
            bool seccess = false;
            DBOperation db = new DBOperation();
            if(isSaveMsg==0)
            {
                    ArrayList sqlStrings = new ArrayList();
                    sqlStrings.Add("delete USERS where USERNAME='" + userName + "'");
                    sqlStrings.Add("delete "+strTableName+" where FROMUSERNAME='" + userName + "'");
                    seccess= db.ExcuteSqls(sqlStrings);
            }
            else{
                    string strDelUser = "delete USERS where USERNAME='" + userName + "'";
                   seccess=  db.ExcuteSql(strDelUser);
            }
            return seccess;
            
            
        }
    /// <summary>
    /// 修改用户信息
    /// </summary>

    /// <returns>修改成功返回真，否则假</returns>
    public bool UpateUser(string userName)
    {
        bool seccess = false;
        string sqlStr = "update USERS set"
                       + " USERNAME='" + this.UserName + "',"
                       + "PASSWD='" + Encrypt.toMD5(this.UserPwd) + "',"
                       + "TRUENAME='" + this.TrueName + "',"
                       + "DEPID='" + this.DepID + "',"
                       + "PHONE='" + this.Phone + "',"
                       + "EMAIL='" + this.Email + "'"
                       +" where USERNAME='"+userName+"'";
        DBOperation db = new DBOperation();
        if (db.ExcuteSql(sqlStr))
        {
            seccess = true;
        }

        return seccess;
    }
    //更新用户的部分信息
    public bool UpdateUserSomeInfo(string userName)
    {
        bool seccess = false;
        string sqlStr = "update USERS set"
                       + " USERNAME='" + this.UserName + "',"
                       + "TRUENAME='" + this.TrueName + "',"
                       + "DEPID='" + this.DepID + "',"
                       + "PHONE='" + this.Phone + "',"
                       + "EMAIL='" + this.Email + "'"
                       + " where USERNAME='" + userName + "'";
        DBOperation db = new DBOperation();
        if (db.ExcuteSql(sqlStr))
        {
            seccess = true;
        }

        return seccess;
    }
    /// <summary>
    /// 读取系统所有用户的信息
    /// </summary>
    /// <returns>返回一个dataSet</returns>
    public DataSet ReadAllUsers()
    {
        DataSet ds = null;
        string tableName = "userInfo";
        string strReadAllUsers = "select * from USERS";
        DBOperation DB = new DBOperation();
        ds = DB.GetDataSet(strReadAllUsers ,tableName);
        return ds;
    }
    /// <summary>
    /// 更新用户角色
    /// </summary>
    /// <param name="userName">用户名</param>
    /// <param name="roleID">角色ID</param>
    /// <returns>成功返回真</returns>
    public bool UpdateRole(string userName,int roleID)
    {
        bool seccess = false;
        string updateRole = "update USERS set ROLEID="+roleID+" where USERNAME='"+userName+"'";
        DBOperation db = new DBOperation();
        seccess = db.ExcuteSql(updateRole);
        return seccess;
    }

}
